[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Domain member: Disable machine account password changes

ID: oval:gov.nist.usgcb.windowsseven:def:66Date: (C)2012-04-13   (M)2017-10-21
Class: COMPLIANCEFamily: windows




Determines whether a domain member periodically changes its computer account password. If this setting is enabled, the domain member does not attempt to change its computer account password. If this setting is disabled, the domain member attempts to change its computer account password as specified by the setting for Domain Member: Maximum age for machine account password, which by default is every 30 days. Default: Disabled. Notes This security setting should not be enabled. Computer account passwords are used to establish secure channel communications between members and domain controllers and, within the domain, between the domain controllers themselves. Once it is established, the secure channel is used to transmit sensitive information that is necessary for making authentication and authorization decisions. This setting should not be used in an attempt to support dual-boot scenarios that use the same computer account. If you want to dual-boot two installations that are joined to the same domain, give the two installations different computer names. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Disable machine account password changes (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters!DisablePasswordChange

Platform:
Microsoft Windows 7
Reference:
CCE-9295-7
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9295-7
XCCDF    8
xccdf_org.secpod_benchmark_cip_std_ver3_Windows_7
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_7
xccdf_gov.nist_benchmark_USGCB-Windows-7
xccdf_nist_benchmark_Windows_7
...

© 2013 SecPod Technologies